Information Security Manager

12 hours, 12 minutes ago
Full-time
Lead
Cybersecurity
HICX.com

HICX provides Supplier Management Software Solutions with a focus on optimizing procurement processes and enhancing supplier innovation for large enterprises.

Professional Services
51-250
Founded 2004
$30M raised

Description

  • Set and drive the overall information security strategy for the organization.
  • Own and maintain the ISMS, including standards, scheduled activities, continuous improvement, and compliance with SOC 2 and ISO 27001.
  • Contribute to security architecture and design decisions and oversee core security tooling and access review processes.
  • Act as the primary escalation point for major security incidents and coordinate corrective actions and incident response.
  • Own security documentation, including policies, standards, exceptions, risk registers, and control evidence.
  • Lead the internal risk assessment and audit program, support external and internal audits, and track remediation to closure.
  • Manage vendor and supplier risk activities, including due diligence, sub-processor oversight, and security assessments.
  • Own access control processes and validate/audit access across divisions and functions.
  • Provide management reporting on risk, incidents, audits, metrics, service trends, and improvement plans.
  • Manage a small internal IT support team and oversee onboarding, offboarding, account lifecycle management, and device provisioning.
  • Ensure IT support operations align with security controls, acceptable use, and access management requirements.
  • Own and deliver security awareness training, customer assurance responses, and security meetings with customers and prospects.

Requirements

  • Proven experience in a senior information security leadership role such as Head of Security or Information Security Manager, ideally in a SaaS or technology company.
  • Demonstrable experience building, operating, and maturing an ISMS, including maintaining SOC 2 and ISO 27001 certification.
  • Excellent track record of leading security audits, including ISO 27001, SOC 2, and Cyber Essentials Plus.
  • Strong hands-on knowledge of security tooling and controls, including EDR, SIEM, MFA, identity and access management, device/endpoint management, and vulnerability management.
  • Solid understanding of cloud security across AWS, Azure, and the Microsoft 365 admin suite.
  • Experience leading end-to-end security incident response, including out-of-hours handling of major incidents.
  • Knowledge of UK GDPR/GDPR and global data protection laws, with experience acting as or working closely with a DPO.
  • Experience in third-party, vendor, and supplier risk management, including due diligence and sub-processor oversight.
  • Experience completing customer security questionnaires and RFPs, maintaining a security knowledge base, and presenting security posture to customers.
  • Strong leadership and people-management skills with experience developing and motivating a small team.
  • Excellent communication skills with the ability to translate technical risk into clear business language for technical and non-technical audiences.
  • A pragmatic, risk-based mindset that balances security with business enablement, usability, and cost.
  • Highly organized, self-motivated, and comfortable working autonomously in a fully remote, international team.
  • Relevant professional certification is desirable, such as CISSP, CISM, CISA, or ISO 27001 Lead Implementer/Auditor.
  • Experience managing internal IT operations and a small IT support team, including onboarding/offboarding, account lifecycle, device provisioning, and SaaS administration, is desirable.

Benefits

  • Fully remote work from anywhere within the UK.
  • Private health insurance.
  • 25 days of paid holiday per year plus England Bank Holidays.
  • Additional paid time off for your birthday.
  • Competitive pay based on your skills and location.
  • Opportunity to work with a diverse, international team.
